package com.zd.springsecuritydemo.expression;

import com.zd.springsecuritydemo.response.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @author ZhangDong
 * @date 2024/1/7 21:16
 */
@Component("ex")
public class ZdSecurityExpressionRoot {

    public boolean hasAuthority(String authority) {
        // 获取当前用户的权限
        Authentication authentication =
                SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        // 判断用户权限集合中是否包含此权限
        return permissions.contains(authority);
    }
}
